From mboxrd@z Thu Jan 1 00:00:00 1970 From: =?koi8-r?B?58HX0snMz9cg6cfP0tg=?= Date: Mon, 30 Nov 2015 11:33:19 +0000 Subject: Problem with cls_flow nfct-* keys Message-Id: <508301448883199@web21m.yandex.ru> List-Id: References: <3419281448878074@web15j.yandex.ru> In-Reply-To: <3419281448878074@web15j.yandex.ru> MIME-Version: 1.0 Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable To: lartc@vger.kernel.org Hi everyone! I've discovered some issues with cls_flow nfct-* keys. I have = a router with NAT and clients behind it. All incoming traffic from WAN inte= rface is redirecting to ifb0 device. With HTB qdisc. I Am install SFQ qdisc 99:0 with flow classifyer and nfct-dst key on HTB de= afault leaf class (1:99) : =9A=9A=9A=9Atc qdisc add dev eth0 ingress =9A=9A=9A=9Atc filter add dev eth0 parent ffff: protocol all pref 100 u32 m= atch u32 0 0 action mirred egress redirect dev ifb0 =9A=9A=9A=9Atc qdisc add dev ifb0 root handle 1: htb default 99 r2q 10 =9A=9A=9A=9Atc class add dev ifb0 parent 1: classid 1:1 htb rate 10Mbit =9A=9A=9A=9Atc class add dev ifb0 parent 1:1 classid 1:99 htb rate 2mbit ce= il 10Mbit burst 150k prio 7 =9A=9A=9A=9Atc qdisc add dev ifb0 parent 1:99 handle 99: sfq limit 10240 =9A=9A=9A=9Atc filter add dev ifb0 parent 99: protocol all handle 1 flow ma= p key nfct-dst and 0xff divisor 1024 I am trying to achieve equal bandwidth sharing between internal IPs, so tha= t single IP could not get all free bandwidth with Torrent. But it doesn't w= ork. After investigation I've discovered, that all incoming traffic, that hit default HTB class (1:99), goes to SFQ class 99:1f, which equals to= WAN IP of my router *.*.*.30, so I see that nfct-dst key behaves like a si= mple dst. Is there any chance to fix it?